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REMARKS 

The Applicants and the undersigned thank Examiner Colin for his time and for his 
consideration given during the telephonic interview of July 26, 2006. These remarks and 
amendment are supplemental to the response and amendment of July 24, 2006. The main 
focus of this supplemental response is to provide a summary of the very productive 
telephonic interview that was conducted between Examiner Colin and the Applicants' 
representative and to provide a clarifying amendment that was suggested by Examiner 
Colin during the telephonic interview. 

Claims 1-20 have been rejected. Upon entry of this amendment, Claims 1-15 and 
17-20 will remain pending in this application. 

The independent claims are Claims 1, 8, and 11. Consideration of the present 
application is respectfully requested in light of the above amendments to the claims, in 
view of the remarks submitted on July 24, 2006, and in view of the following remarks 
and telephonic interview summary. The Applicants submit that this response should be 
read in conjunction with the response and amendment that was filed on July 24, 2006. 

Summary of Telephonic Interview of July 26, 2006 

The Applicants and the undersigned again thank Examiner Colin for his time and 
consideration given during the telephonic interview of July 26, 2006. During this 
telephonic interview, a proposed amendment to the claims provided by the Applicants 
prior to the interview was discussed. 

The Applicants' representative explained the amended independent claims recite 
that a request for credentials associated with a user is issued after a workstation is granted 
access to a service in order to determine if the user is authorized to access the a service 
available on a network server. This means that each of the independent claims require at 
least two authentication steps that occur in a specific order: (1) granting a physical 
workstation access to a service or server if its workstation credentials are in compliance 
with workstation policy; and then (2) granting a user access to the service or server if the 
physical workstation is granted access to the service and if the user is authorized to access 
the server or service based on the user's credentials . 
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The Applicants' representative pointed out that U.S. Patent No. 6,438,600 issued 
in the name of Greenfield et al. (hereinafter the "Greenfield reference") describes 
technology that only authenticates users and not a physical workstation. In other words, 
the Greenfield reference like the Gaul reference does not provide any teaching of 
checking workstation credentials associated with the workstation (and not with the user) 
in order to grant a workstation access to a network service. 

In response, Examiner Colin then directed Applicants' representative to column 7, 
line 36 through column 8, line 16 of the Greenfield reference in which Examiner Colin 
believed that stored credentials for a JAVA applet is a form of authentication for a 
physical machine that occurs prior to authentication of a user. Column 7, line 36 through 
column 8, line 16 of the Greenfield reference is reproduced below: 

"The preferred embodiment of the present invention 
will now be discussed with reference to FIG. 3. The left- 
hand column of FIG. 3 shows processes that occur in a 
client workstation, and the right-hand column shows 
processes that may occur in the server. 

The process of the present invention begins at Block 
300 when an executing applet requests invocation of a 
secured operation or access to secured data, for example by 
invoking an API (application programming interface). 
(Requests which do not require access to secured 
operations or secured data are not pertinent to the present 
invention, and are not accounted for by the logic of FIG. 3. 
It will be obvious to one of ordinary skill in the art how the 
logic of FIG. 3 can be incorporated with the logic for 
executing these other requests.) 

At Block 305, a test is made to determine whether 
stored credentials exist for this applet. According to the 
present invention, if such credentials exist, they will be 
stored in shared static data associated with the downloaded 
class from which the applet is executing. This shared static 
data is automatically restricted, by the Java sandbox 
facilities, to use by those applets downloaded from the 
same server and codebase (as discussed above). By storing 
the credentials in the static data associated with one 
particular codebase, the same set of credentials can be used 
to protect access to all applets from that server and 
codebase, while preventing any other applets from 
accessing or using these stored credentials. 
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If the test at Block 305 has a positive response, then 
Block 310 indicates that the stored credentials will be 
retrieved. These retrieved credentials will then be used to 
determine whether this user will be allowed to perform the 
requested operation from Block 300. If the test at Block 
305 has a negative response, however, then Block 315 will 
obtain credentials from the user of the executing applet. 
Techniques for obtaining credentials from a user are well 
known in the art, and do not form part of the present 
invention. Preferably, a prompt will be displayed using a 
window having entry fields, where one such entry field will 
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be provided for each element (e.g. user name, user 
password, and perhaps a user role such as "administrator" 
or "user") of the credentials required by this application. At 
Block 320, the obtained credentials are stored in the shared 
static data associated with the executing applet's class. 
(Application- specific validation, not shown in FIG. 3, may 
optionally be performed on the fields before the credentials 
are stored. An example of this type of validation is ensuring 
that a password is at least some predefined number of 
characters in length. Such validation procedures do not 
form part of the present invention.)" [Emphasis supplied.] 

The Applicant's representative explained to Examiner Colin that the step of 
"...authenticating a user of the workstation for access to the network server after 
authenticating the workstation for access to the network server..." cannot be read in a 
vacuum and without relying upon the previous steps that define the step of — 
authenticating--. 

The Applicants' representative explained that the applet authentication of the 
Greenfield reference is not the same as the Applicants' authentication of a workstation 
because authentication of a workstation, as recited in the amended in independent claims, 
requires granting the workstation access to one or more services available on a network 
server if the workstation credentials derived from the scanner are in compliance with the 
workstation policy. As defined earlier in independent Claim 1, workstation credentials 
comprise at least one of information about integrity of the workstation and a security 
posture of the workstation. 

Examiner Colin suggested that the Applicants amend the claims so that it is clear 
that previous steps are relied upon to define the terms of later steps. Specifically, 
Examiner Colin requested the Applicants to amend one of the last steps of independent 
Claim 1 by adding the word —said— as follows: "...authenticating a user of the 
workstation for access to the network server after said authenticating the workstation for 
access to the network server. . ." 

The Applicants have agreed with the Examiner and have now fully incorporated 
the Examiner's suggestion in all of the independent claims in this patent application. 

Examiner Colin indicated that he understood the Applicants' position and that he 
would consider it when the formal response was filed. The Applicants and the 
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undersigned appreciate the Examiner's time and consideration given during the telephone 
interview of July 26, 2006. 

The Applicants and the undersigned request the Examiner to review this interview 
summary and to approve it by writing "Interview Record OK" along with his initials and 
the date next to this summary in the margin as discussed in MPEP § 713.04, p. 700-202. 

Claim Rejections under 35 U.S.C. §103 

The Examiner rejected Claims 1-20 under 35 U.S.C. 103(a) as being unpatentable 
over U.S. Patent Application Publication No. 2001/0034847, published in the name of 
Stephen E. Gaul (hereinafter, the "Gaul reference") in view of U.S. Patent No. 6,438,600 
issued in the name of Greenfield et al. (hereinafter the "Greenfield reference") and U.S. 
Patent No. 6,298,445 issued in the name of Shostack et al. (hereinafter the "Shostack 
reference"). 

The Applicants respectfully offer remarks to traverse these pending rejections. 
The Applicants will address each independent claim separately as the Applicants believe 
that each independent claim is separately patentable over the prior art of record. 

The Applicants refer the Examiner to the Applicants' arguments in the response 
of July 24, 2006 which are fully adopted by reference in their entirety. 

Dependent Claims 2-7, 9-10, and 12-15, and 17-20 

The Applicants respectfully submit that the above-identified dependent claims are 
allowable because the independent claims from which they depend are patentable over 
the cited references. 

The Applicants also respectfully submit that the recitations of all the dependent 
claims are of patentable significance. Accordingly, reconsideration and withdrawal of the 
rejections of the dependent claims are respectfully requested. 

CONCLUSION 

The foregoing is submitted as supplemental response in connection with the 
telephone interview of July 26, 2006. This supplemental response should be read in 
conjunction with the Applicants' full response of July 24, 2006. The Applicants and the 
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undersigned thank Examiner Colin for the consideration of these remarks. The 
Applicants have submitted a telephone interview summary and remarks to traverse the 
rejections of Claims 1-15 and 17-20. The Applicants respectfully submit that the present 
application is in condition for allowance. Such Action is hereby courteously solicited. 

If any issues remain that may be resolved by telephone, the Examiner is requested 
to call the undersigned at 404.572.2884. 

Respectfully submitted, 

/SPW/ 



Steven P. Wigmore 
Reg. No. 40,447 

July 26, 2006 

King & Spalding LLP 
34 th Floor 

1180 Peachtree St. NE. 
Atlanta, Georgia 30309 
404.572.4600 

K&S Docket: 05456-105007 
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